rpcb_check.c revision 8f6d9dae92449b59bdafcb7777bc32f1b2726e48
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Auxiliary routines to shield off random internet hosts and to report
* service requests (verbose mode only) or violations (always).
*
* This code was extensively modifed from a version authored by:
*
* Wietse Venema, Eindhoven University of Technology, The Netherlands
* and distributed as "rpcbind 2.1".
*
* Sun was granted permission to use, modify, including make
* derivatives of, copy, reproduce and distribute this code.c in both
* binary and source forms, directly and indirectly.
*
* Modified for bundling with Solaris and IPv6.
*
* Solaris specific modifcations made are:
*
* Double fork() logging replaced with qsyslog();
* Connection refusals are flagged with svcerr_auth(); this
* aids in quicker diagnosability of misconfigurations and quicker
* failures for /net automounts;
* Single function for pmap* and rpcb*;
* Local transport checks made using localxprt().
*
* Copyright 2006 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
/*
* Copyright 2014 Nexenta Systems, Inc. All rights reserved.
*/
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <syslog.h>
#include <errno.h>
#include <netconfig.h>
#include <netdb.h>
#include <netdir.h>
#include <rpc/pmap_prot.h>
#include <rpc/rpcb_prot.h>
#include <thread.h>
#include <synch.h>
#include <tcpd.h>
#include "rpcbind.h"
/*
* These are globally visible so that they can be modified by the wrapper's
* language extension routines.
*/
int allow_severity = LOG_INFO;
int deny_severity = LOG_WARNING;
/*
*/
static const char *
{
}
struct proc_map {
const char *proc;
};
PMAPPROC_CALLIT, "callit",
PMAPPROC_DUMP, "dump",
PMAPPROC_GETPORT, "getport",
PMAPPROC_SET, "set",
PMAPPROC_UNSET, "unset",
NULLPROC, "null",
};
RPCBPROC_SET, "set",
RPCBPROC_UNSET, "unset",
RPCBPROC_GETADDR, "getaddr",
RPCBPROC_DUMP, "dump",
RPCBPROC_CALLIT, "callit",
RPCBPROC_GETTIME, "gettime",
RPCBPROC_UADDR2TADDR, "uaddr2taddr",
RPCBPROC_TADDR2UADDR, "taddr2uaddr",
RPCBPROC_GETVERSADDR, "getversaddr",
RPCBPROC_INDIRECT, "indirect",
RPCBPROC_GETADDRLIST, "getaddrlist",
RPCBPROC_GETSTAT, "getstat",
NULLPROC, "null",
};
/*
*/
static const char *
{
int nitems, i;
if (pm) {
} else {
}
for (i = 0; i < nitems; i++) {
}
return (NULL);
}
/*
* rpcb_log - log request for service
*/
void
{
const char *client = "unknown";
char *uaddr;
char toabuf[INET6_ADDRSTRLEN];
const char *procname;
/*
* Transform the transport address into something printable.
*/
"unknown transport (rpcbind_get_conf failed)");
sizeof (toabuf));
} else {
}
"%sconnect from %s to %s-%lu(%lu)",
} else {
}
}
/*
*/
{
"rpcbind_get_conf failed: no client address checks");
return (B_TRUE);
}
/*
* Require IPv4 for pmap calls; they're not defined for anything else.
*/
if (local_only) {
} else {
char buf[INET6_ADDRSTRLEN];
const char *addr_string =
sizeof (buf));
(void) mutex_lock(&hosts_ctl_lock);
addr_string, "") == 0)
(void) mutex_unlock(&hosts_ctl_lock);
}
}
}
if (!res)
if (verboselog || !res)
return (res);
}